With the increase in communications and electronic transactions, incidents of fraud associated with these activities have increased. For example, “cloning” a cellular telephone is a type of telecommunications fraud where an identifier, such as a serial number, for a cellular telephone is snooped, or read, as calls are transmitted, captured, and used to identify calls transmitted by other cellular telephones. When the other cellular telephones transmit calls, the calls may be fraudulently charged to the account holder for the original cellular telephone.
Some current systems attempt to detect fraudulent transactions, such as telecommunication fraud, by constructing a transaction model based on historical observations of transactions. By observing large number of transactions, characteristics may be derived that indicate whether a particular transaction is substantially likely to be fraudulent.
For example, characteristics of 100,000 telephone calls can be captured and later characterized as fraudulent or legitimate. The fraudulent calls may share similar characteristics and transaction patterns that are used to build static models that indicate the probability of fraud for incoming transactions. In certain systems, these static, historical models can be used in a production, or real-time, environment to evaluate a probability of fraud for incoming transactions. However, creation of the historical model may be difficult to deploy quickly because a large amount of sample observations may be necessary to construct the model. Additionally, if historical observations do not exist for a particular environment, a historical model may not have the information needed to be accurate in the detection of fraud.